OWASP Penetration Testing Kit szerző: pentestkit.co.uk
Penetration Testing Kit is an extension for application security practitioners, penetration testers, and red teams. Penetration Testing Kit is an extension for application security practitioners, penetration testers, and red teams.
A kiegészítő használatához a Firefoxra lesz szüksége
Kiegészítő metaadatai
A kiegészítő névjegye
The Penetration Testing Kit (PTK) browser extension is your all-in-one solution for streamlining your daily tasks in the realm of application security. Whether you’re a penetration tester, a Red Team member, or an AppSec practitioner, PTK enhances your efficiency and provides deep insights into your target application.
Key Features:
In-Browser IAST (Interactive Application Security Testing):
PTK’s built-in IAST engine instruments your app at runtime—right in the browser—tracking taint flows and code execution to flag vulnerabilities as they occur. Catch issues like DOM-based XSS, unsafe eval/innerHTML usage, open-redirects, and more without leaving your dev tools.
Runtime Scanning (DAST & SCA):
Perform Dynamic Application Security Testing and Software Composition Analysis on the fly. Identify SQL injection, command injection, reflected/stored XSS, SQL auth bypass, XPath injections, JWT attacks, and other complex threats.
JWT Inspector:
Analyze, craft, and tamper with JSON Web Tokens. Generate keys, test null signatures, brute-force HMAC secrets, and inject malicious JWK, JKU or kid parameters.
Insightful Application Info:
One-click visibility into tech stacks, WAFs, security headers, crawled links, and authentication flows.
Built-in Proxy & Traffic Log:
Capture all HTTP(S) traffic, replay requests in R-Builder or R-Attacker, and automate XSS, SQLi, and OS command injection.
R-Builder for Request Tampering & Smuggling:
Craft and manipulate HTTP requests, including complex request-smuggling techniques. Now with cURL import/export.
Cookie Management:
Add, edit, remove, block, protect, export, and import cookies from a powerful in-browser editor.
Decoder/Encoder Utility:
Instantly convert between UTF-8, Base64, MD5, URL-encode/decode, and more formats.
Swagger.IO Integration:
Browse and interact with API endpoints directly from your Swagger documentation.
Selenium Integration:
Shift left security by running automated Selenium tests with built-in vulnerability checks.
Enhance your AppSec practice with PTK—the extension that makes your browser smarter and your testing faster. Install today and start uncovering vulnerabilities in real time!
Key Features:
In-Browser IAST (Interactive Application Security Testing):
PTK’s built-in IAST engine instruments your app at runtime—right in the browser—tracking taint flows and code execution to flag vulnerabilities as they occur. Catch issues like DOM-based XSS, unsafe eval/innerHTML usage, open-redirects, and more without leaving your dev tools.
Runtime Scanning (DAST & SCA):
Perform Dynamic Application Security Testing and Software Composition Analysis on the fly. Identify SQL injection, command injection, reflected/stored XSS, SQL auth bypass, XPath injections, JWT attacks, and other complex threats.
JWT Inspector:
Analyze, craft, and tamper with JSON Web Tokens. Generate keys, test null signatures, brute-force HMAC secrets, and inject malicious JWK, JKU or kid parameters.
Insightful Application Info:
One-click visibility into tech stacks, WAFs, security headers, crawled links, and authentication flows.
Built-in Proxy & Traffic Log:
Capture all HTTP(S) traffic, replay requests in R-Builder or R-Attacker, and automate XSS, SQLi, and OS command injection.
R-Builder for Request Tampering & Smuggling:
Craft and manipulate HTTP requests, including complex request-smuggling techniques. Now with cURL import/export.
Cookie Management:
Add, edit, remove, block, protect, export, and import cookies from a powerful in-browser editor.
Decoder/Encoder Utility:
Instantly convert between UTF-8, Base64, MD5, URL-encode/decode, and more formats.
Swagger.IO Integration:
Browse and interact with API endpoints directly from your Swagger documentation.
Selenium Integration:
Shift left security by running automated Selenium tests with built-in vulnerability checks.
Enhance your AppSec practice with PTK—the extension that makes your browser smarter and your testing faster. Install today and start uncovering vulnerabilities in real time!
Értékelje a tapasztalatait
Fejlesztő támogatása
A kiegészítő fejlesztője azt kéri, hogy egy csekély összeggel támogassa a további fejlesztést.
EngedélyekTovábbi tudnivalók
Ennek a kiegészítőnek ezekre van szüksége:
- Értesítések megjelenítése
- Böngészőlapok elérése
- Az adatai elérése az összes webhelyhez
További információk
- Kiegészítő hivatkozásai
- Verzió
- 9.0.0
- Méret
- 7,16 MB
- Legutóbb frissítve
- 2 napja (2025. máj. 14.)
- Kapcsolódó kategóriák
- Licenc
- Kizárólag GNU AGPL licenc v3.0
- Adatvédelmi irányelvek
- Olvassa el a kiegészítő adatvédelmi irányelveit
- Verziótörténet
- Címkék
Gyűjteményhez adás
További kiegészítők tőle: pentestkit.co.uk
Még nincsenek csillagos értékelések- Még nincsenek csillagos értékelések
- Még nincsenek csillagos értékelések
- Még nincsenek csillagos értékelések
- Még nincsenek csillagos értékelések
- Még nincsenek csillagos értékelések